Creating a Replication User On a Source Server

The replication user for inbound replication must be present on the source server with the required privileges. The replica uses this user account when it communicates with the source.

Using a Command-Line Client

Use a command-line client such as MySQL Shell or MySQL Client to create a correctly configured replication user with appropriate privileges on the source server.

This task requires the following:
  • MySQL Shell 8.0.27 or higher, or a MySQL Client.
Do the following to add a replication user to the source server:
  1. Open MySQL Shell and connect to the MySQL source server.
  2. Run the following command in the SQL execution mode to create a replication user, and to permit only encrypted connections for all accounts named by the statement. In this example, the username for the replication user is rpluser001:
    CREATE USER rpluser001@'%' IDENTIFIED BY 'password' REQUIRE SSL;
    The password must be between 8 and 32 characters and contain at least one numeric character, one special character, one uppercase, and one lowercase character. If the username contains any special characters, such as a space or hyphen, it must also be surrounded by quotes, for example:
    CREATE USER 'rpl-user'@'%' IDENTIFIED BY 'password' REQUIRE SSL;
    Note

    If the replica DB system is running MySQL 9.0 or higher and the source server has set the default_authentication_plugin to mysql_native_password, ensure that the replication user is created with the caching_sha2_password authentication method.
    CREATE USER rpluser001@'%' IDENTIFIED WITH 'caching_sha2_password' BY 'password' REQUIRE SSL;
  3. Run the following command to grant the REPLICATION SLAVE privilege to the new replication user, rpluser001 in this example:
    GRANT REPLICATION SLAVE on *.* to rpluser001@'%';

The replication user is created and granted the required privileges. Note the username and password so that you can specify them when you create the replication channel.